Restrict access for VPN Client on IOS EZVPN Server

Unanswered Question
Jul 27th, 2009

I like to restrict a VPN Client to access only one /24 network at the central site. In

crypto isakmp client configuration group mode i cannot find such an option.

On ASA there is such option.

Is there another way to do this ?

Either on legacy EZVPN config or on DVTI.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
htarra Mon, 08/03/2009 - 13:07

This URL provides a sample configuration using the Cisco Adaptive Security Device Manager (ASDM) for restricting what internal networks remote access VPN users can access behind the PIX Security Appliance or Adaptive Security Appliance (ASA). You can limit remote access VPN users to only the areas of the network that you want them to access when you:

Create access lists.

Associate them with group policies.

Associate those group policies with tunnel groups

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080641a52.shtml

Actions

This Discussion